Uninitialised memory access in getaddrinfo
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tarantool |
Confirmed
|
Medium
|
Kostja Osipov | ||
Bug Description
lua s = box.socket.tcp()
lua sr, se = s:connect(
roman@work:
==25307== Memcheck, a memory error detector
==25307== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==25307== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==25307== Command: ../../src/
==25307==
==25307== Conditional jump or move depends on uninitialised value(s)
==25307== at 0x48766E: lj_str_new (in /data/work/
==25307== by 0x48ED78: lua_pushlstring (in /data/work/
==25307== by 0x4A188D: emptybuffer (in /data/work/
==25307== by 0x4A1C71: luaL_pushresult (in /data/work/
==25307== by 0x4A1DD2: luaL_gsub (in /data/work/
==25307== by 0x4432FD: tarantool_lua (init.m:1190)
==25307== by 0x466F7F: admin_dispatch (admin.rl:233)
==25307== by 0x4699E7: admin_handler (admin.rl:345)
==25307== by 0x452FCB: fiber_loop (fiber.m:368)
==25307== by 0x4805CF: coro_init (coro.c:95)
==25307== by 0x414BBF: ??? (in /data/work/
==25307== Uninitialised value was created by a stack allocation
==25307== at 0x4A1D39: luaL_gsub (in /data/work/
==25307==
==25307== Thread 3:
==25307== Invalid read of size 4
==25307== at 0x5614E21: gaih_inet (getaddrinfo.c:839)
==25307== by 0x5618243: getaddrinfo (getaddrinfo.
==25307== by 0x45EA68: getaddrinfo_cb (coeio.m:224)
==25307== by 0x45E735: coeio_custom_cb (coeio.m:133)
==25307== by 0x47E63C: eio_execute (eio.c:2480)
==25307== by 0x47D758: etp_proc (eio.c:2216)
==25307== by 0x4E3AE0D: start_thread (pthread_
==25307== by 0x563995C: clone (clone.S:113)
==25307== Address 0x41afcb4 is not stack'd, malloc'd or (recently) free'd
==25307==
==25307== Syscall param sendmsg(
==25307== at 0x563AF6B: sendmmsg (sendmmsg.c:36)
==25307== by 0xE1362DE: __libc_res_nsend (res_send.c:1140)
==25307== by 0xE133B8B: __libc_res_nquery (res_query.c:226)
==25307== by 0xE134147: __libc_
==25307== by 0xE1345C2: __libc_res_nsearch (res_query.c:416)
==25307== by 0xDF28A55: _nss_dns_
==25307== by 0x5614E81: gaih_inet (getaddrinfo.c:849)
==25307== by 0x5618243: getaddrinfo (getaddrinfo.
==25307== by 0x45EA68: getaddrinfo_cb (coeio.m:224)
==25307== by 0x45E735: coeio_custom_cb (coeio.m:133)
==25307== by 0x47E63C: eio_execute (eio.c:2480)
==25307== by 0x47D758: etp_proc (eio.c:2216)
==25307== Address 0xdb10a30 is on thread 3's stack
==25307== Uninitialised value was created by a stack allocation
==25307== at 0xE1356D0: __libc_res_nsend (res_send.c:347)
==25307== at 0x563AF6B: sendmmsg (sendmmsg.c:36)
==25307== by 0xE1362DE: __libc_res_nsend (res_send.c:1140)
==25307== by 0xE133B8B: __libc_res_nquery (res_query.c:226)
==25307== by 0xE134147: __libc_
==25307== by 0xE1345C2: __libc_res_nsearch (res_query.c:416)
==25307== by 0xDF28A55: _nss_dns_
==25307== by 0x5614E81: gaih_inet (getaddrinfo.c:849)
==25307== by 0x5618243: getaddrinfo (getaddrinfo.
==25307== by 0x45EA68: getaddrinfo_cb (coeio.m:224)
==25307== by 0x45E735: coeio_custom_cb (coeio.m:133)
==25307== by 0x47E63C: eio_execute (eio.c:2480)
==25307== by 0x47D758: etp_proc (eio.c:2216)
==25307== Address 0xdb10a30 is on thread 3's stack
==25307== Uninitialised value was created by a stack allocation
==25307== at 0xE1356D0: __libc_res_nsend (res_send.c:347)
| Changed in tarantool: | |
| milestone: | none → 1.5.1 |
| assignee: | nobody → Kostja Osipov (kostja) |
| importance: | Undecided → Medium |
| status: | New → Confirmed |
| Changed in tarantool: | |
| milestone: | 1.5.1 → 1.5.2 |
